• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.105-108
• /
• 2006

보안을 위협하는 요소들에 대하여 기존의 보안기술들은 응용계층 기술의 한계를 드러내고 있다. 이를 극복하기 위한 방법으로 보안 운영체제에 대한 연구가 활발히 진행되고 있지만, 보안정책 설정의 복잡성 때문에 일반 사용자들이 보안정책을 설정하여 적용하기가 어렵다. 본 논문에서는 대표적인 보안 운영체제인 SELinux의 보안모델과 이와 관련된 연구들을 살펴보고, SELinux의 정책 복잡성 개선을 위한 SELinux 보안정책 템플릿을 제안한다.

• Journal of Information Technology Applications and Management
• /
• v.22 no.2
• /
• pp.171-199
• /
• 2015

This study proposes the practical information security measures that help IT personnel of banks comply the information security policy. The research model of the study is composed of independent variables (clarity and comprehensiveness of policy, penalty, dedicated security organization, audit, training and education program, and top management support), a dependent variable (information security policy compliance intention), and moderating variables (age and gender). Analyses results show that the information security measures except 'clarity of policy' and 'training and education program' are proven to affect the 'information security policy compliance intention.' In case of moderating variables, age moderated the relationship between top management support and compliance intention, but gender does not show any moderating effect at all. This study analyzes information security measures based solely on the perception of the respondents. Future study may introduce more objective measurement methods such as systematically analyzing the contents of the information security measures instead of asking the respondents' perception. In addition, this study analyzes intention of employees rather than the actual behavior. Future research may analyze the relationship between intention and actual behavior and the factors affecting the relationship.

• Korean Security Journal
• /
• no.17
• /
• pp.195-220
• /
• 2008

Various Kinds of social pathology and crimes that threaten our daily safety are on the increase in process of time as a result of the development of science and technology empty of moral sense, Value Confusions, apolaustic tendency, economic and social transformation recently. Moreover the effective provision of police service lies beyond the boundaries of the police organization. Therefore private security personnel have made an effort for safety and protection of group as well as an individual through the introduction of private security industry based on a benefit principle and private security industry is being become complexes utilizing technology as well as high-end devices through various international events. The field of private security industry in Korea is being extended rapidly with expansionism of society and public services but the quality improvement is declining. Furthermore the study of recruit education program for security personnel as the basis of quality improvement is insufficient compared with the study of police service. Consequently, this investigation is going to contribute to development of recruit education program for security personnel through the analysis about difference of each subject usability for education about electronic security and facility guard.

• Journal of Digital Convergence
• /
• v.14 no.6
• /
• pp.253-261
• /
• 2016

As many people use internet through the various programs of PC and mobile devices, the possibility of private data leak is increasing. A program should be used after checking security of information flow. Security analysis of information flow is a method that analyzes security of information flow in program. If the information flow is secure, there is no leakage of personal information. If the information flow not secure, there may be a leakage of personal information. This paper proposes a method of analyzing information flow that facilitates SAT solver. The method translates a program that includes variables where security level is set into propositional formula representing control and information flow. The satisfiability of the formula translated is determined by using SAT solver. The security of program is represented through the result. Counter-example is generated if the program is not secure.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1013-1016
• /
• 2007

본 논문에서는 SEEN 보안운영체제 시스템에서 접근통제 정책관리 도구의 설계 및 구현한 내용을 설명한다. 보안운영체제에 대한 지식이 부족한 보안 관리자가 정책을 설정하고 적용하는 데에 많은 어려움이 따른다. 따라서 본 논문에서는 이러한 정책 적용 및 정책 설정의 문제점을 해결하기 위해 접근통제 정책관리 처리에 대한 것을 사용자가 쉽게 파악 할 수 있고 친숙한 그래픽 기반의 형태로 특별한 지식이 없는 사용자와 보안 관리자들에게 시스템을 효율적이고 편리하게 사용할 수 있도록 한다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2003.11c
• /
• pp.2013-2016
• /
• 2003

최근 무선인터넷의 활발한 보급화에 더불어 이동성 단말을 이용한 전자상거래 등이 활발하게 이루어짐에 따라서 개인 데이터 보호 및 안전한 통신을 보장 받으려는 모바일 사용자들의 요구가 급속히 증가하고 있다. 이는 무선매체의 공개성에 따른 보안침해의 용이성과 단말이 이동함에 따른 보안 체계 구축의 복잡성에 기인한다. 이러한 이유로 최근 이동성 단말의 통신에서 보안이 중요한 영역으로 인식되고 있다. 따라서 본 논문에서는 이러한 모바일 환경 특히 향후 전개될 MIPv6(Mobile Internet Protocol version 6) 환경에서의 안전한 데이터 전송을 위해 IP 계층 보안 프로토콜인 IPsec(Internet Protocol security)을 이용한 이동 단말의 안전한 데이터 전송을 테스트하고 향후 MIPv6 에서의 보안성 향상을 위한 방안들을 모색해 보고자 한다.

• Korean Security Journal
• /
• no.27
• /
• pp.107-128
• /
• 2011

The purpose of this study was to determine the relationship between gymnasium selection and training adherence of security martial arts trainees. To this aim, this study selected 8 gymnasiums in Gyounggi and Incheon province and sampled 220 people above the fourth grade in elementary school. Out of these, 14 cases were dropped due to insufficient answers or incomplete answers, and 206 qualified cases were finally adopted for this study. Data were analyzed using exploratory factor analysis, reliability analysis and frequency analysis, MANOVA, correlation analysis and multiple regression analysis with SPSS 18.0. The results of this study were as follows. First, there were significant differences in gymnasium selection factors(instructor background, training program, public relations) depending upon the trainee's sex. Second, there were significant differences in gymnasium selection factors(training program, main others, public relations) depending upon the trainee's school grade. Third, there were no significant differences in training adherence factors depending upon the trainee's sex and school grade. Fourth, there were positive correlations between instructor background, training program and public relations-factors among gymnasium selection and management program, external and social relations-factors among training adherence. Fifth, the partial sub-factors of gymnasium selection have influenced training adherence. Consequently, security martial arts managers and instructors need to establish marketing strategies suitable for sex and school grade to recruit new security martial arts trainees. It may be considered that security martial arts instructors should construct the differentiated management system for trainees and the specialized training program for lasting training of new or existing security martial arts trainees.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.21 no.4
• /
• pp.77-87
• /
• 2011

As information services have been widely used in various environments, the knowledge information security sector plays a significant role in development and management of products and services, information privacy management, risk management and safety, etc. Thus, the process of acquiring knowledge information security professionals is getting more attention for promoting the stable and long-term development of the knowledge information security sector. This study identifies and analyzes the promising fields for the KISA Employment-Contract Master Program and suggests promotion strategies for knowledge information security professionals. By surveying participants and would-be participants, and interviewing experts, it is analyzed that 'mobile security' and 'convergence security' are the two most important fields to be included in the program.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.223-227
• /
• 2006

SELinux와 같은 보안 운영체제들은 정교한 접근통제 기능을 제공하고 있으나 타입(Type)과 매크로 등과 같은 정책 설정 구성요소가 많아지게 됨으로서, 운영체제에 대한 지식이 부족한 정책관리자가 정책을 설정하고 적용하기 어렵다. 이러한 정책기술 및 적용의 복잡성은 SELinux와 같은 훌륭한 보안운영체제의 범용화의 걸림돌이 되고 있다. 따라서 본 논문에서는 이러한 정책기술 및 정책 설정의 문제점을 해결하기 위해 정책관리자들이 사용하기 쉬운 보안 정책모델과 기술언어를 제안하고 SELinux의 정책과 성능을 비교하여 제안한 방법이 개선되었음을 보인다.

• Korean Security Journal
• /
• no.28
• /
• pp.79-102
• /
• 2011

This is a follow-up research of Oh Jae Hwan(2010) aimed to confirm the influence of the educational program of improved question search methods on the duty and job satisfaction of private security guards. For this research, a survey was conducted on a sampling of 170 private security guards living in Seoul and Gyeonggi province, as selected in the research of Oh Jae Hwan(2010). A frequency analysis, correlation analysis and multiple regression analysis were conducted on the collected data by using the SPSS 15.0. The Cronbach's ${\alpha}$ value of the reliability of the survey was over 0.800. The analyzed result of the research is as follows. It was found that when there was an increase in the content of educational training of the program there was also an increase in the job satisfaction and performance. This signifies that the contents of the improved educational program includes scientific and systematic techniques such as METT and action promoting questions, the adequately constructed practical skill education allows private guards to have confidence in their duty, the research reflects the current trends and has a high possibility of utilization due to its high relevance to the duties of private security guards.